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ABSTRACT 


The  Discrete  Logarithm  Problem  (DLP)  is  a  fundamental  cryptographic  primitive. 
The  DLP  is  defined  for  any  cyclic  group,  specifically  finite  fields,  whether  the  integers 
modulo  a  prime  p  or  a  polynomial  field  of  characteristic  p  modulo  some  irreducible  poly¬ 
nomial  f(x).  For  polynomial  fields  over  a  finite  field,  also  known  as  Galois  fields,  the  DLP 
can  be  viewed  as  finding  a  solution  to  the  equation  1  +  xl  =  x]  for  arbitrary  values  of  i 
(modulo  some  primitive  polynomial).  Solutions  are  (relatively)  easy  to  find  for  trinomials 
and  these  would  be  the  easiest  polynomials  to  implement  in  hardware.  However,  primitive 
trinomials  do  not  exist  for  all  degrees. 

Primitive  polynomials  are  irreducible  polynomials  with  an  associated  primitive  root 
a  that  is  a  generator  of  the  multiplicative  group.  Thus  the  generator  a  generates  all  nonzero 
2n  —  1  elements  of  a  Galois  field  whose  base  field  is  the  integers  modulo  two.  Primitive 
polynomials  over  the  field  of  two  elements,  or  GF( 2),  have  important  applications  in  cryp¬ 
tology  and  coding  theory. 

This  thesis  investigates  properties  of  polynomials  with  more  than  three  terms  where 
all  but  one  term  is  a  row  of  Pascal’s  triangle  modulo  two.  In  other  words  we  define  a  certain 
class  of  polynomials  by  f(x)  =  xn  +  p(x),  where  p(x)  is  a  row  of  Pascal’s  triangle  modulo 
two.  This  thesis  shows  that  some  of  these  polynomials,  which  are  not  trinomials,  also 
have  “easy”  solutions.  We  observe  that  for  a  polynomial  to  have  an  associated  primitive 
element,  there  are  definite  restrictions  on  the  degree  of  the  polynomial  using  particular  rows 
of  Pascal’s  triangle. 
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I. 


INTRODUCTION 


Digital  communications  are  now  commonplace,  if  not  essential,  in  our  day  to  day 
lives.  The  average  user  takes  for  granted  the  inner  workings  of  their  computer  systems. 
One  feature  in  particular  is  random-number  generation,  which  computer  software  systems 
utilize  in  cryptographic  library  files.  The  simplest  and  most  efficient  method  for  random- 
number  generation  is  via  a  maximum  period  Linear-Feedback  Shift  Register  (LFSR).  The 
authoritative  source  on  the  topic  is  Shift  Register  Sequences  by  Solomon  W.  Golomb  [1], 
These  pseudo-random  sequences,  also  called  m-sequences,  have  the  needed  randomness 
properties  of  balance,  runs,  and  correlation.  Applications  of  LFSR’s  range  from  stream 
ciphers  to  scrambling  sequences  used  by  cable  television,  satellite  communications  and 
cell-phones.  Each  m-sequence  is  uniquely  determined  by  a  primitive  polynomial  whose 
coefficients  are  elements  of  some  prime  sub-field,  p.  We  call  this  subfield  the  Galois  field 
with  p  elements,  denoted  by  GF ip).  We  restrict  our  attention  to  the  case  p  —  2  in  this 
thesis.  These  polynomials  are  useful  for  a  wide  variety  of  applications  such  as  random- 
number  generators,  stream  ciphers,  and  linear  code  generators. 

Specifically,  primitive  polynomials  are  essential  to  Error  Checking  and  Correcting 
(ECC)  Hamming  Codes  and  the  Advanced  Encryption  System  (AES)  [2].  One  area  of 
particular  interest  to  the  Cryptologic  and  Coding  communities  is  the  Discrete  Logarithm 
Problem  (DLP)  [3].  While  logarithms  are  straightforward  to  find  over  the  real  numbers,  the 
DLP  looks  for  solutions  to  the  following  equation  modulo  some  polynomial  f(x)  whose 
coefficients  are  taken  modulo  some  prime  p.  So  we  define  the  DLP  over  GF(2n)  in  the 
following  way;  for  a  primitive  polynomial  f{x)  of  degree  n  with  root  a,  an  integer  i,  and 
the  relation  1  +  xl  =  xf  solve  for  j  in  a  computationally  feasible  amount  of  time.  This 
relation  implies  that  the  polynomial  g(x)  =  x]  +  xl  +  1  is  a  trinomial  multiple  of  fix), 
or  that  f(x)  divides  fj(x).  Because  ct  is  a  cyclic  generator  of  the  multiplicative  group 
G  =  GF( 2n)  =  (afe|0  <  k  <  |G|},  then  for  every  a 1  in  G,  there  exists  a  unique  af 
where  i  <  j  that  satisfies  the  above  relation.  The  difficulty  of  the  problem  is  finding  a 
computationally  feasible  algorithm  that  finds  j  in  terms  of  i,  without  generating  the  entire 
field.  One  method  is  to  compute  Zech’s  logarithm  table  for  GF( 2n)  [3],  also  referred  to  as 
a  table  of  Shift-and-Add  (SAA)  pairs  [4]. 
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If  we  have  a  primitive  polynomial  of  degree  n  over  GF (  2)  with  only  three  terms, 
then  the  polynomial  itself  defines  an  entry  in  the  SAA  table.  The  occurrence  of  primitive 
trinomials  for  an  arbitrary  degree  n  is  infrequent  but  a  great  amount  of  research  exists  on 
primitive  trinomials  [5,  6,  7].  Primitive  pentanomials  are  more  pervasive  than  primitive 
trinomials.  Thus  we  investigate  pentanomials  and  higher  term  polynomials  of  the  form 
f(x )  =  xn  +  p(x),  where  p(x)  is  a  row  of  Pascal’s  triangle  modulo  two.  The  motivation 
for  requiring  that  p(x)  be  a  row  of  Pascal’s  triangle  is  that  for  such  polynomials,  p(x)  = 
(x+l)k,  where  k  is  the  particular  row  of  Pascal’s  triangle  with  the  coefficients  taken  modulo 
two.  So  we  can  rewrite  f(x)  as  xn  +  (x  +  l)fc,  which  appears  to  provide  a  possible  SAA 
pair.  As  an  example,  consider  the  primitive  polynomial  f(x)  =  x7  +  x3  +  x2  +  x  +  1 
of  degree  7  over  GF{ 2)  with  root  a.  We  can  rewrite  the  equation  in  the  desired  form 
f(x )  =  x7  +  (x  +  l)3.  If  f(x)  is  primitive,  which  in  this  case  we  know  to  be  true,  then  we 
can  manipulate  the  equation  using  the  fact  that  a27”1  =  a°  =  1,  which  follows  from  the 
fact  that  a  is  a  cyclic  generator  of  the  multiplicative  group  with  a  period  of  2 '  —  1  =  127.  So 
if  we  can  find  a  =  3_1  (mod  127),  then  we  would  find  the  first  SAA  pair.  Since  3_1  =  85 
(mod  127),  we  find  the  solution  to  the  SAA  pair  by 

(a  +  l)3x3_1  =  a7x3_1  (mod  12?) 

a  +  l  =  a7x85  (modl27)=a87 

Thus  (1,87)  is  a  SAA  pair  that  corresponds  to  the  exponents  a0  +  a1  =  a87,  and  f(x) 
divides  the  polynomial  x87  +  x  +  1.  This  provides  a  step  toward  a  solution  to  a  specific 
DLP  in  the  field  GF{2n)  characterized  by  the  specific  polynomial  fix). 

This  thesis  investigates  properties  of  polynomials  of  the  form  f{x)  =  xn  +  p(x). 
We  define  minimal  conditions  that  the  polynomial  must  satisfy  if  it  is  to  be  primitive.  We 
also  define  these  polynomials  as  row  k  Pascal  polynomials,  where  k  is  the  corresponding 
row  of  Pascal’s  triangle.  Chapter  II  provides  the  necessary  background  in  Number  Theory, 
Group  Theory,  Field  Theory,  and  Galois  Theory.  The  reader  versed  in  these  areas  may  wish 
to  skip  directly  to  the  problem  statement  beginning  in  Chapter  III. 
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II. 


BACKGROUND  AND  REVIEW 


Before  beginning  a  discussion  of  the  problem  we  investigate,  we  present  some  basic 
definitions  and  theorems.  This  information  is  available  in  any  standard  algebra  text,  such  as 
Beachy  and  Blair’s  Abstract  Algebra  [8],  or  number  theory  text,  such  as  Rosen’s  Elemen¬ 
tary  Number  Theory  [9].  When  discussing  groups  and  fields,  it  should  be  understood  that 
this  paper  is  only  concerned  with  finite  fields.  It  is  also  assumed  that  the  reader  is  familiar 
with  common  mathematical,  logical,  and  set  notation. 

A.  NUMBER  THEORY 

An  integer  a  is  called  a  multiple  of  a  non-negative  integer  b  if  a  =  bq  for  some 
integer  q.  We  also  say  that  b  is  a  divisor ,  or  factor  of  a  denoted  by  b\a  [8].  Given  two 
integers  a  and  b,  not  both  0,  there  exists  a  positive  integer  d  such  that:  (i)  d  is  a  divisor 
of  both  a  and  b,  and  (ii)  any  divisor  of  both  a  and  b  is  also  a  divisor  of  d.  This  greatest 
common  divisor  of  a  and  b  is  denoted  by  gcd(a,  b )  or  simply  (a,  b ).  If  (a,  b)  =  1,  then  a 
and  b  are  said  to  be  relatively  prime.  If  p  is  a  prime  number  then  (a,  p)  =  1  for  all  positive 
integers  a  less  than  p  [8,  9]. 

With  the  notion  of  divisibility,  it  is  useful  to  define  a  relationship  among  integers 
with  equal  remainders  when  divided  by  an  integer  n.  For  any  positive  integer  n,  the  integers 
a  and  b  are  congruent  modulo  n  if  they  have  the  same  remainder  when  divided  by  n. 
Congruence  is  denoted  by  writing  a  =  b  (mod  n ).  An  immediate  consequence  of  this 
definition  is  that  two  integers  a  and  b  are  congruent  modulo  n  if  and  only  if  n  divides  their 
difference  a  —  b,  denoted  n\(a  —  b )  a  =  6(modn)  [8,  9].  Also,  if  n  divides  a  then  a 

is  congruent  to  zero  modulo  n. 

Every  integer  has  at  least  two  factors,  itself  and  one.  If  an  integer  is  prime,  then 
these  are  its  only  factors.  If  an  integer  has  factors  other  than  itself  and  one,  then  we  can 
further  decompose  these  factors  into  smaller  factors  until  we  have  a  prime  factorization  of 
the  integer.  The  Fundamental  Theorem  of  Arithmetic  states  that  every  integer  is  uniquely 
expressible  as  a  product  of  its  prime  factors.  Given  a  positive  integer  n,  let  the  prime 
factorization  of  n  be  denoted  by 

k 

n  =  n  vT- 

i=  1 
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Euler’s  Totient  Function ,  commonly  referred  to  as  Euler’s  Phi  Function  [8,  9]  gives  the 
number  of  integers  less  than  or  equal  to  n  which  are  relatively  prime  to  n,  and  is  denoted 

by  k  k 

=n<p?,-pr1)- 

'4=1  V  PiJ  i=  1 

Euler’s  Theorem  provides  a  useful  relationship  between  the  congruences  of  an  integer  n 
and  the  Phi  Function.  If  a  and  n  are  integers  relatively  prime  to  each  other,  then  ac^:n)  =  1 
(mod  n)  [8,  9].  A  corollary  to  Euler’s  Theorem  provides  a  simple  proof  of  Fermat’s  Little 
Theorem.  If  p  is  a  prime,  then  for  any  integer  a  relatively  prime  to  p, 

ap~1  =  1  (mod  p), 
ap_1  —  1  =  0  (mod  p) 

ap  =  a  (mod  p),  even  if  a  =  0. 

This  last  congruence  holds  even  if  (a,p)  =  p  [8,  9].  Since  this  thesis  investigates  the 
properties  of  polynomials  based  upon  Pascal’s  triangle,  we  now  define  how  Pascal’s  triangle 
is  derived  from  the  next  few  definitions  and  identities.  Given  two  non-negative  integers  n 
and  i,  the  binomial  coefficient  (read  “n  choose  i”)  is  defined  by 


for  all  i  such  that  0  <  i  <  n.  Otherwise  (”)  is  equal  to  zero  [9].  Pascal’s  Identity  defines  a 
recurrence  between  binomial  coefficients.  Let  n  and  i  be  positive  integers  with  n  >  i.  then 


The  Pascal  triangle  is  a  table  of  the  binomial  coefficients  where  (")  is  the  (i  +  l)'s/ 
number  in  the  (n  +  1  ),s'  row.  The  first  eight  rows  of  Pascal’s  triangle  are  listed  in  Figure  1 
[9]. 

Note  that  the  exterior  numbers  in  the  triangle  are  all  ones  and  the  number  of  terms  in 
each  row  is  equal  to  one  more  than  the  row  number.  To  find  an  interior  number,  simply  add 
the  two  numbers  in  the  positions  above  and  to  the  left  and  right  of  the  position  being  filled 
(as  in  the  shaded  figure  above).  By  Pascal’s  Identity,  this  yields  the  appropriate  integer  [9]. 
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Figure  1.  Pascal’s  triangle 


Later  we  want  to  observe  the  rows  of  Pascal’s  triangle  modulo  two.  Figure  2  shows 
the  coefficients  reduced  modulo  two. 


Figure  2.  Pascal’s  triangle  modulo  two 

Again,  the  exterior  numbers  in  the  triangle  are  all  1  and  the  number  of  terms  in  each  row 
equal  one  more  than  the  row  number.  To  find  an  interior  number,  again  add  the  two  numbers 
in  the  positions  above  and  to  the  left  and  right  of  the  position  being  filled  reducing  the 
sum  modulo  two.  Otherwise,  we  could  compute  the  standard  Pascal  triangle  and  reduce 
each  of  the  entries  modulo  two  when  we  arrive  at  the  desired  row.  Considering  memory 
and  computational  requirements,  the  second  method  is  not  as  efficient  as  the  first  where 
reduction  is  performed  at  each  row.  In  fact  the  Exclusive  OR  operation  replaces  the  addition 
and  reduction  modulo  two  with  one  logical  gate. 

Pascal’s  Identity  and  Pascal’s  triangle  combine  to  form  the  Binomial  Theorem  for 
polynomials.  We  provide  a  short  combinatorial  proof  of  the  Binomial  Theorem.  The  in¬ 
ductive  proof  can  be  found  in  Rosen’s  Number  Theory  text  [9]. 
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Theorem  II.  1  (Binomial  Theorem):  Given  two  real  numbers  a  and  b  and  any 
positive  integer  n,  then 


(a+br  =  j2 

i= 0 


ibi 


Proof  (Binomial  Theorem ).  Consider  how  to  get  a  term  of  the  form  an  lbl  from  the  product 
of  n  terms  of  the  form  (a  +  b): 

(a  +  b)n  =  (a  +  b)(a  +  b)  ■  ■  ■  (a  +  b). 

We  could  choose  the  6’s  from  any  i  number  of  the  n  factors.  There  are  (n  —  i )  factors 
remaining  to  choose  the  a’s  from.  The  number  of  ways  to  choose  i  objects  from  a  collection 
of  n  objects  without  replacement,  where  order  is  not  important,  is  simply  (") .  Thus,  each 
an~lbl  term  has  coefficient  (") ,  which  completes  the  proof.  □ 


B.  GROUP  THEORY 


A  group  is  defined  as  a  set  of  elements  G  with  an  associated  binary  operation  *  on 
the  elements  of  G  and  is  denoted  by  [G,  *].  However,  we  will  abuse  this  notation  by  writing 
G  to  indicate  the  group,  only  if  the  operation  is  understood  from  the  context.  The  group 
satisfies  the  following  conditions  [8]: 

Closure:  For  all  a,b  E  G,  a  *  b  —  c  for  some  c  e  G. 

Associativity:  For  all  a,b,c  E  G,  a  *  (b  *  c)  =  (a*b)  *  c. 

Identity:  There  exists  e  E  G,  such  that  for  all  a  E  G,a*  e  =  e*  a  =  a. 

Inverses:  For  all  a  E  G,  there  exists  a-1  E  G,such  that  a  *  a-1  =  gT1  *  a  =  e. 
Furthermore,  because  the  groups  we  are  investigating  are  associated  with  a  field,  they  also 
satisfy  the  commutative  property  and  are  referred  to  as  abelian  groups  [8]. 

Commutativity:  For  all  a,b  E  G,  a  *  b  —  b  *  a. 

A  group  G  is  said  to  be  a  finite  group  if  the  set  G  has  a  finite  number  of  elements.  In  this 
case,  the  number  of  elements  is  called  the  order  of  G,  denoted  by  fiG  or  \G\  [8]. 

An  example  of  a  group  is  the  set  of  congruence  classes  of  the  integers  modulo  n 
under  addition  modulo  n.  Given  a  positive  integer  n,  we  denote  the  congruence  classes  by 
[a]  which  is  the  set  of  all  integers  congruent  to  a  modulo  n.  The  set  of  congruence  classes 
of  n  is  denoted  by 


=  {[0]„,  [l]n,  [2] 7i)  •  •  • ,  [n  -  2]n,  [n  -  l]n} 
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This  set  forms  a  group  under  addition  where  [a\n  +  [b]n  =  a  +  b]n  and  is  denoted  Gn  = 

[Gn,+]  [8], 

Let  G  be  a  group  and  a  be  any  element  of  G,  then  the  set  (a)  =  {x  G  G  \  x  = 
a\  for  all  i  e  Z}  is  called  the  cyclic  subgroup  generated  by  a.  The  group  G  is  called 
a  cyclic  group  if  there  exists  an  element  a  in  G  such  that  G  =  (a).  In  this  case  a  is 
called  a  generator  of  G  and  the  successive  powers  of  a  generate  every  element  of  the  group 
[8].  Furthermore,  if  n  is  a  prime  p,  then  the  set  G*  —  Gp  —  { |0]p}  forms  a  group  under 
multiplication  modulo  n.  Note  the  necessary  requirement  to  remove  the  zero  class  because 
zero  has  no  inverse  under  multiplication.  An  important  characteristic  of  the  integers  modulo 
a  prime  p  is  that  every  such  group  is  a  cyclic  group.  If  p  >  2,  then  the  group  has  at  least 
two  generators. 

C.  FIELD  THEORY 

A  field  is  a  set  of  elements  F  together  with  the  two  binary  operations  +  and  *  on  F 
and  is  denoted  by  F  —  [F,  +,  *].  A  field  satisfies  the  following  conditions  [8]: 

Addition:  The  set  F  is  an  abelian  group  under  addition  with  identity  zero. 
Multiplication:  The  set  F  —  {0}  is  an  abelian  group  under  multiplication  with 
nonzero  identity  one. 

Distributive:  For  all  a,  b,  c  e  F ,  a  *  (b  +  c)  =  (a  *  b)  +  (a  *  c) . 

If  the  set  F  is  finite,  then  the  field  F  is  a  finite  field.  If  F  is  a  finite  field,  the  multiplicative 
group  is  cyclic.  Since  it  forms  the  foundation  as  the  base  field  for  our  further  discussion, 
we  now  provide  the  operation  tables  for  the  integers  modulo  two,  also  called  the  Galois 
Field  of  two  elements,  as  an  example. 


Table  II.  1  Addition  in  GF{ 2)  Table  II. 2  Multiplication  in  GF( 2) 

The  next  section  describes  Galois  Fields  in  greater  detail,  but  we  provide  a  quick 
definition  here  to  clarify  our  notation.  A  Galois  Field  is  any  finite  field  with  a  prime,  or  a 
power  of  a  prime,  order.  Galois  Field’s  are  denoted  in  several  ways,  to  include  the  following 
notations;  GF(pn),  Fpn,  and  GF(p)  [x]/  (f(x))  (where  /  is  a  polynomial  that  generates  the 
field,  which  we  further  explain  in  the  following  section)  are  the  most  common  notations. 


* 

0 

1 

0 

0 

0 

1 

0 

1 

+ 

0 

1 

0 

0 

1 

1 

1 

0 
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We  predominantly  use  the  first  notation  throughout  this  paper.  Therefore,  GF( 2)  is  the 
field  with  only  two  elements,  namely  {0, 1}.  Thus,  GF(2n)  is  the  polynomial  field  whose 
variable  coefficients  are  contained  in  the  subfield  GF (  2).  We  now  provide  more  rigorous 
definitions  of  these  terms. 

Let  F  be  a  field.  If  an,  a„_i, . . . ,  ai,  a0  G  F  (where  n  is  a  non-negative  integer), 

then  any  expression  of  the  form  anxn  +  an_ \xx~l  -f - b  a  ]  x  +  a0  is  called  a  polynomial 

over  F  in  the  indeterminate  x  with  coefficients  an,  an_  i, . . . ,  a0.  We  also  call  F  the  base 
field  or  ground  field.  The  subscript  i  of  the  coefficient  a*  is  called  the  index  [8].  If  n  is 
the  largest  non-negative  index  such  that  an  f  0,  then  we  say  that  the  polynomial  f(x)  = 
anxn  +  ■  ■  ■  +  (i\x  +  a0  has  degree  n.  written  dcg(  f(x))  =  n,  and  an  is  called  the  leading 
coefficient  of  f(x).  If  the  leading  coefficient  of  f(x)  is  one,  then  f(x)  is  said  to  be  a  monic 
polynomial.  The  set  of  all  polynomials  with  coefficients  in  F  is  denoted  by  F[x\  [8].  An 
element  c  is  called  a  root  of  f(x )  if  /(c)  =  0  [8].  While  it  is  possible  for  a  polynomial  to 
have  a  root  in  its  base  field  F,  it  is  not  necessary.  In  fact  f(x)  may  have  no  roots  in  its  base 
field.  In  this  case,  all  of  the  roots  of  f(x)  exist  in  some  extension  field  which  we  define 
shortly. 

Similar  to  the  division  algorithm  for  the  integers,  we  can  define  a  division  algorithm 
for  polynomials.  For  any  polynomials  f(x)  and  g(x)  in  F[x],  with  g(x)  f  0,  there  exist 
unique  polynomials  q(x),r(x)  G  F[x]  such  that  f{x)  =  q(x)g(x)  +  r{x)  where  either 
deg(r(a;))  <  deg(g(o;))  or  r(x)  =  0  (See  [8]  p.163  for  a  proof).  Just  as  the  division 
algorithm  in  N  has  a  polynomial  counterpart,  so  does  the  concept  of  congruences.  Let  F  be 
a  field,  and  p(x)  be  a  fixed  polynomial  over  F.  If  a(x),  b(x)  G  F,  then  we  say  that  a(x)  and 
b(x)  are  congruent  modulo p(x),  written  a(x)  =  b(x)  (mod  p(x)),  if  p(x)\(a(x)  —  b(x)). 
The  set  {b(x)  G  F[x]\a(x)  =  b(x)  (mod  p(x))}  is  called  the  congruence  class  of  a(x), 
and  is  denoted  by  [a(x)]p(a;).  The  set  of  all  congruence  classes  modulo  p(x)  is  denoted  by 
F[x\/(p(x))  [8]. 

A  non-constant  polynomial  is  said  to  be  irreducible  over  the  field  F  if  it  can¬ 
not  be  factored  in  F[x]  into  a  product  of  polynomials  of  only  lower  degree.  It  is  said 
to  be  reducible  over  F  if  such  a  factorization  exists  [8].  The  base  field  F  of  a  polyno¬ 
mial  field  F[x]  can  be  either  an  infinite  or  finite  field.  Throughout  this  thesis  we  con¬ 
sider  the  base  field  GF{ 2).  As  an  example  of  reducibility,  we  define  the  polynomials 
fi(x),  f2{x),g1(x),g2{x)  G  F[x],  where  ffix)  =  x2  +  1,  f2(x)  =  x2  +  x  +  1,  gfix)  =  x, 
g2{x)  —  x  +  1.  Note  that  fi(x)  has  the  factorization  x2  +  1  =  (x  +  l)(a;  +  1)  =  (x  +  l)2  = 
(g2(x))2,  and  so  f{x)  is  reducible.  But  since  gfix)  and  g2{x)  (which  are  the  only  degree 
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one  polynomials  in  GF( 2))  do  not  divide  f2(x )  exactly,  /■>(■>')  is  irreducible.  By  the  Fun¬ 
damental  Theorem  of  Algebra,  every  polynomial  of  degree  n  has  n  roots.  If  all  of  the 
factors  of  a  polynomial  are  not  linear  over  the  base  field,  then  its  roots  must  exist  in  some 
larger  field.  This  suggests  the  concept  of  an  extension  field,  but  first  we  provide  a  familiar 
example. 

The  polynomial  x2  +  1  has  no  roots  in  the  field  R  of  real  numbers.  However,  we 
obtain  a  root  by  introducing  the  element  i  for  which  i2  =  —  1  and  adjoining  it  to  the  field  R. 
This  leads  to  the  definition  of  the  field  of  complex  numbers,  denoted  by  C,  which  contains 
elements  of  the  form  a  +  i/3,  where  a  and  f3  are  elements  of  R.  In  a  similar  manner,  we  can 
construct  larger  fields  in  which  any  polynomial,  over  any  field,  has  a  root.  To  accomplish 
this  we  use  congruence  classes  of  polynomials  [8].  Let  E  and  F  be  fields.  If  F  is  a  subset 
of  E  and  is  closed  under  the  operations  of  addition  and  multiplication  defined  for  E,  then  F 
is  called  a  subfield  of  E,  and  E  is  called  an  extension  field  of  F  [8].  Let  F  be  an  extension 
field  of  the  field  K .  If  the  dimension  of  F  as  a  vector  space  over  K  is  finite,  then  F  is  said 
to  be  a  finite  extension  of  K  [8]. 

Let  K  be  a  field  and  let  f(x)  =  anxn  H - f  a0  be  a  polynomial  in  K[x\  irreducible 

over  K.  If  F  is  an  extension  field  of  K,  then  F  is  a  splitting  field  for  fix)  over  K  if  there 
exist  elements  rq,  r2, . . . , rn  in  F  such  that  f(x)  =  an(x  —  r1)(a:  —  r2) . . .  (x  —  rn ),  and 
F  =  K  (ri,  r2, . . . ,  rn ).  The  elements  ri,  r2, . . . ,  rn  are  roots  of  f(x),  and  so  F  is  obtained 
by  adjoining  to  K  a  complete  set  of  the  roots  of  f(x).  We  say  that  f(x)  splits  over  the  field 
E  if  E  contains  the  splitting  field  of  F  [8]. 

D.  GALOIS  THEORY 

We  now  have  the  necessary  definitions  and  theorems  to  define  a  Galois  field.  If  p 
is  any  prime  and  k  is  any  integer,  there  exists  a  unique  finite  field  of  order  pk.  This  field  is 
called  the  Galois  field  of  order  pk  and  is  denoted  by  GF{pk )  [8].  The  characteristic  of  a 
Galois  field  is  defined  by  the  order  of  the  base  field,  namely  p.  Because  of  its  applications 
in  electronic  data  systems,  we  are  interested  in  Galois  fields  of  characteristic  two  denoted 
by  GF{ 2). 

Given  an  irreducible  polynomial  f{x)  of  degree  n  over  GF (  2)  with  the  complex 
root  a,  then  a  is  a  primitive  element  of  fix)  if  and  only  if  a  is  a  multiplicative  generator  of 
all  nonzero  elements  of  GF{  2n).  Moreover,  f(x)  is  defined  to  be  a  primitive  polynomial  if 
f(x)  has  an  associated  root  a  which  is  a  primitive  element.  Then  the  powers  of  a1,  where 
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i  G  { 0,1,2,...,  2”  —  2},  are  all  distinct  elements  when  reduced  modulo  f(x)  and  modulo 
two.  The  set  of  elements  generated  by  f(x )  is  defined  as  GF(2n )  =  G^f[2^  =  {al\i  G 
Zj,.,  },  where  n  =  deg(/(x)).  These  elements  comprise  the  splitting  field  of  f(x)  over 
GF(2n),  where  addition  and  multiplication  are  well  defined. 

Although  the  primitive  element  a  is  a  multiplicative  generator  for  GF( 2n),  a  does 
not  provide  a  relationship  of  the  elements  under  addition.  Our  motivation  for  this  thesis  is 
to  search  for  polynomials  that  provide  insight  into  the  relationship  between  addition  and 
multiplication  in  certain  representations  of  GF(2n).  The  additive  properties  of  each  a1  is 
fundamentally  the  Discrete  Logarithm  Problem  as  presented  in  Chapter  I. 

If  a  polynomial  of  degree  n  is  primitive,  that  polynomial  is  said  to  generate  all  the 
nonzero  elements  of  the  field.  However  each  element  a1  in  GF(2n)  is  uniquely  expressible 
as  a  linear  combination  of  elements  of  the  set  P  =  {a0,  a1,  a2,  a3, . . .  where  P 

is  referred  to  as  a  polynomial  basis  of  GF( 2").  That  is  to  say,  if  we  consider  only  the 
coefficients  of  an  element  of  GF( 2n),  we  can  represent  the  coefficients  as  a  vector  of  length 
n.  For  example,  if  a  primitive  polynomial  has  degree  three,  the  element  xJ  =  x1  +  x  is 
annotated  as  the  vector  [1  1  0  ]  and  the  element  xk  =  x  +  1  is  associated  to  the  vector 

[0  1  1  ] .  So  a  primitive  polynomial  of  degree  three  generates  all  possible  binary  3-long 

vectors,  or  3-tuples,  except  for  the  all  zeros  vector.  Since  the  entries  in  the  vector  are  either 
zero  or  one,  as  defined  by  the  base  field  GF( 2),  there  are  2”  —  1  nonzero  elements  in  the 
field. 


i 

x2 

X 

1 

0 

0 

0 

1 

1 

0 

1 

0 

2 

1 

0 

0 

3 

0 

1 

1 

4 

1 

1 

0 

5 

1 

1 

1 

6 

1 

0 

1 

Table  II. 3  Multiplicative  group  generated  by  f(x)  =  x3  +  x  +  1 

Consider  the  primitive  polynomial  f(x)  =  x3  +  x  +  1  over  GF(2).  This  poly¬ 
nomial  has  no  roots  in  the  base  field  ,  but  the  adjoined  root  a  in  the  extension  field  gives 
f(a )  =  a3  +  a  +  1  =  0.  Subsequent  powers  of  a  generate  all  possible  3-tuples  in  an 
order  determined  modulo  the  polynomial  and  the  coefficients  modulo  two.  Without  loss 
of  generality,  we  shall  express  the  elements  of  the  field  using  the  indeterminate  variable  x 
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rather  than  the  root  a.  Table  II. 3  lists  the  nonzero  elements  of  the  field  generated  as  powers 
of  a  represented  by  xl  =  a2x2  +  a  i  x  +  a0.  The  first  column,  i,  is  the  power  of  the  generator, 
while  the  remaining  columns  represent  the  coefficient  vector  described  above. 

Recall  that  a  primitive  polynomial  with  a  multiplicative  generator  creates  the  mul¬ 
tiplicative  group  of  all  2"  —  1  nonzero  elements.  So  the  period  of  a  primitive  polynomial  is 
2n  —  1.  If  a  polynomial  of  degree  n  is  irreducible  but  not  primitive,  then  its  period  is  some 
divisor  of  2n  —  1.  Since  a  is  a  primitive  root  of  fix)  of  degree  n,  every  element  of  GF(2n) 
can  be  represented  as  linear  combinations  of  the  first  n  powers  of  a.  The  representation 
of  each  element  is  uniquely  determined  by  f(x),  as  in  Table  II. 3,  and  the  zero  element  is 
represented  as  the  all  0  vector. 

The  first  well  known  property  of  Galois  Fields  is  the  characteristic  identity ,  as 
defined  in  the  following  theorem. 

i 

Theorem  II.2:  Given  a  polynomial  f(x)  over  GF(p),  then  ( f(x))p  =  f(xp  ), 
which  is  defined  as  the  characteristic  identity  of  a  finite  field. 

Proof.  We  write  the  function  f(x )  as  XT=o  =  an^n  +  =  a™x11  +  9i(x)-  ^ 

follows  from  the  Binomial  Theorem  that 

(f(x)f  =  (anxn  +  gi(x)f 

=  EfPl  (*(*))* 

i=0  v  1  ' 

But  (p'i )  =  =  0  (mod  p)  for  all  i  except  zero  and  pk.  So  the  above  expression 

reduces  to  (anxn)p  +(gi(x))p  =  {an)p  lxp  J  +(g i(x))p  .  By  Fermat’s  Little  Theorem, 

(i an)p  =  an  (mod  p).  We  repeat  this  process  for  each  successive  term  until  gn_i(x)  = 
a\x  +  a0.  By  the  same  procedure  as  above,  (<?n_ i(x))p  =  ( a\x  +  a0)p  =  a\(xp  )  +  aQ. 

Thus  ( f(x))p  =  Y^!i=Qai  (xpL^j  =  f{xpk ),  which  completes  the  proof.  □ 

There  are  two  well  known  results  regarding  the  number  of  primitive  and  irreducible 
polynomials  of  degree  n  over  a  finite  field.  The  number  of  primitive  polynomials  of  degree 
n  is  given  by 

#r„  - 

n 
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where  (f>(n)  is  the  totient  function,  and  the  number  of  irreducible  polynomials  is 

#/„  =  -  y>(<i)2”/,i, 

n  z— ■ ' 

d\n 

where  /i  is  the  Mobius  function.  Also  note,  that  if  f(x)  is  a  primitive  or  irreducible  poly¬ 
nomial  over  GF( 2),  so  too  is  the  reciprocal  polynomial  f*(x)  =  xn  •  /(-),  where  n  is  the 
degree  of  f(x). 

Theorem  II.3:  If  f(x)  =  anxn  +  an^ixn^1  +  •  •  •  +  a^x2  +  a±x  +  a0  is  a  primitive 
polynomial  over  GF( 2),  t/ic/7  /*(x)  =  a0xn  +  aia:n_1  +  •  — b  an_ 2x2  +  an_ix  +  an  A  a/so 
a  primitive  polynomial. 

Proof.  It  is  sufficient  to  show  a  mapping  from  f{x)  to  f*(x).  We  show  that  f*(x)  = 

xn  ■  f(l). 


—  CLnX^  -f  Qjn—\X ^  ‘  "  -f  CL 2Xn  2  -|-  CL\Xn  '  ~b  CLqX n 

=  aoxn  +  ci\xn  +  •  •  •  +  an-2X2  +  CLn—\x  +  an  =  f*{x ) 


Since  xn  ■  f(^)  =  f*(x),  f*(x)  is  also  a  primitive  polynomial,  which  completes  the  proof. 

□ 

Consider  the  example  of  f(x)  =  x7  +  x3  +  x2  +  x  +  1.  Since  this  polynomial  is 
primitive  over  GF( 2),  so  is  x7  ■  /(|)  =  a;7  +  x6  +  x5  +  x4  +  1.  So  if  we  find  one  primitive 
polynomial,  we  have  actually  found  two.  This  simplifies  our  search  for  Pascal  polynomials 
since  we  need  only  test  half  as  many  polynomials. 

E.  TESTS  FOR  IRREDUCIBILITY/PRIMITIVITY 

There  are  primarily  two  methods  to  test  a  polynomial  for  irreducibility  and  two 
methods  for  testing  primitivity.  The  first  method  for  testing  irreducibility  and  primitivity  is 
called  the  sieving  method.  This  requires  a  complete  listing  of  all  irreducible  polynomials 
whose  degree  is  half  of  the  degree  of  the  polynomial  in  question.  For  example,  suppose  a 
polynomial  f(x)  has  degree  33.  We  would  require  a  complete  list  of  irreducible  polyno¬ 
mials  up  to  degree  =  16.  To  then  determine  irreducibility,  we  would  successively 
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divide  /(x)  by  each  irreducible  polynomial  in  our  list.  If  any  polynomial,  say  g(x),  divides 
/(x)  without  a  remainder,  then  f(x)  is  reducible  since  =  p(x)  [1].  Once  we  know  a 
polynomial  fix)  to  be  irreducible,  we  assume  it  has  an  associated  primitive  root  a  which 
is  a  generator  of  all  2”  —  1  nonzero  elements.  We  successively  compute  the  powers  of  a 
modulo  f(x)  modulo  two.  If  a?  repeats  any  element  a 1  such  that  0  <  i  <  j  <  2n  -  1, 
then  f(x)  is  imprimitive.  Note  that  as  the  degree  of  the  polynomial  increases,  this  method 
is  very  computationally  expensive  and  therefore  very  undesirable. 

The  second  method  is  a  nine  step  algorithm  presented  by  S.  E.  O’Connor  [10]  that 
checks  both  irreducibility  and  primitivity  of  a  polynomial  over  an  arbitrary  ground  field 
GF(p),  where  p  is  prime.  This  method  is  preferred  due  to  computational  speed  and  effi¬ 
ciency.  However,  since  we  consider  only  the  ground  field  GFifl),  we  can  omit  steps  2  and 
6  from  the  original  algorithm.  Also,  since  our  polynomials  are  not  randomly  generated, 
we  show  in  the  beginning  of  Chapter  3  that  Pascal  polynomials  have  no  linear  factors  over 
GFifl),  and  so  we  omit  step  3.  Furthermore,  we  omit  the  Berlekamp  test  for  irreducibility 
as  the  final  step  will  filter  out  any  reducible  polynomials  that  pass  Step  2.  Our  modified 
algorithm  is  simplified  over  GFfl)  where  we  assume  there  exists  an  efficient  algorithm 
for  factoring  2n  —  1.  Since  polynomial  division  is  a  simple  shift  of  a  bit  string  combined 
with  a  bitwise  XOR  operation,  of  which  both  operations  are  native  to  microprocessors,  the 
most  difficult  step  in  the  algorithm  is  factoring  2”  —  1.  We  now  present  a  modified  and 
renumbered  version  of  the  algorithm  for  testing  Pascal  polynomials  over  GF(2). 

Step  1:  Generate  a  new  degree  n  monic  Pascal  polynomial  over  GF(  2)  of  the  form 
fix)  =  xn  +  ix  +  l)fc. 

Step  2:  Check  if  x2"^1  =  1  (mod  (/(x),  2))  and  reject  the  polynomial  as  reducible 
if  the  equivalence  is  not  true. 

In  this  step,  we  note  that  the  cyclotomic  polynomial  c(x)  =  x2"-1  +  1  contains  as 
its  roots  all  2"  —  1  complex  roots  of  unity  on  the  unit  circle  defined  in  the  complex  plane  of 
numbers  [1].  Thus  any  irreducible  polynomial  /(x)  of  degree  n  contains  as  its  roots  some 
subset  of  the  roots  of  c(x)  [1].  Therefore,  if  f(x)  does  not  divide  c(x)  without  remainder, 
then  fix)  is  reducible  over  GF(  2).  We  must  still  check  that  fix)  is  not  a  product  of  smaller 
order  polynomials  that  also  divide  c(x). 

Step  3:  Factor  r  —  2n  —  1,  into  distinct  primes;  r  =  pf  . . .  pf . 

Step  4:  Check  if  xm  =  1  (mod  (/(x),  2)),  where  m  G  ,  ^},  and  reject 

the  polynomial  as  not  primitive  if  any  of  these  equivalences  are  true. 
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This  step  utilizes  Lagrange’s  Theorem  which  states  that  if  S'  is  a  subgroup  of  a 
group  G,  then  the  order  of  S  divides  the  order  of  G  [8].  So  with  a  complete  factorization  of 
r,  we  continue  to  divide  f(x')  into  each  of  the  cyclotomic  polynomials  whose  degrees  are  a 
combination  of  the  factors  of  2”  —  1.  A  consequence  of  Step  4  is  that  if  a  polynomial  has 
prime  degree  p,  such  that  2P  —  1  is  a  Mersenne  prime ,  then  all  irreducible  polynomials  of 
degree  p  are  in  fact  primitive.  Since  Mersenne  primes  are  very  rare  among  the  Mersenne 
numbers,  it  provides  us  little  computational  efficiency  to  rely  on  this  consequence  and 
incorporate  individual  tests  for  irreducibility  into  our  algorithm.  In  the  case  of  randomly 
generated  polynomials,  a  separate  test  for  irreducibility  could  provide  added  speed  to  the 
algorithm.  However,  our  polynomials  have  a  noticeable  structure  and  are  not  randomly 
generated.  We  expect  to  see  a  large  number  of  these  polynomials  as  primitive  and  will 
likely  reach  the  step  in  O’Connor’s  algorithm  that  factors  2n  —  1,  which  is  arguably  the  most 
difficult  step  in  the  algorithm.  For  a  complete  explanation  of  why  we  can  omit  Berlekamp’s 
Test  for  Irreducibility  and  move  right  to  our  Step  4,  reference  Appendix  A. 

Step  5:  If  f(x)  passes  steps  1  through  4,  accept  it  as  primitive. 

As  an  example,  consider  the  previous  polynomial  f(x)  =  x7  +  (x  +  l)3  =  x7  + 
x3  +  x2  +  x  +  1  where  c(x)  =  x12‘  +  1.  Performing  the  polynomial  division  modulo  two 
shows  that  f(x)  divides  c(x)  without  remainder.  Since  27  —  1  =  127  is  a  Mersenne  prime, 
f(x)  cannot  have  period  smaller  than  127  and  is  therefore  primitive. 

So  what  if  2n  —  1  is  not  a  Mersenne  prime?  Consider  these  three  examples  of 
reducible  polynomials;  fi(x)  =  x6+x3+x2+x+l,  /2(;r)  =  x6+x5+x4+x3+x2+x+l,  and 
fd,(x)  =  x6  +  x2  + 1.  Note  that  /i  is  also  a  Pascal  polynomial  where  fi  ( x )  =  x6  +  (x  +  l)3. 
However,  /i,  /2,  and  /3  are  reducible  having  the  factors  fi(x)  =  (x2  +  x  +  l)(x4  +  x3  +  1), 
/2(x)  =  (x3  +  x  +  l)(a:3  +  x2  +  1),  and  /3(x)  =  (x3  +  x  +  l)2(which  has  repeated  factors). 
Now  let’s  look  at  the  factorization  of  c(x)  =  x 2<3_1  +  1, 

c(x)  =(x  +  l)(a:2  +  x  +  l)(a:3  +  x  +  l)(a;3  +  x2  +  1) 

(x6  +  x  +  1)  (x6  +  x3  +  1)  (xe  +  x4  +  x2  +  x  +  1)  •  •  • 

where  the  remaining  factors  of  c(x)  are  the  remaining  irreducible  sixth  degree  polynomials. 
Note  that  /i  will  not  divide  c(x),  since  c(x)  does  not  have  (x4  +  x3  +  l)  as  one  of  its  factors. 
Also  note  that  /3  will  not  divide  c(x),  since  c(x)  only  has  (x3  +  x  +  1)  as  one  of  its  factors 
once,  not  twice.  Thus  j\  and  /3  would  have  been  eliminated  in  Step  2.  Now  f2  is  a  little 
tricky  since  c(x)  has  as  its  factors  both  of  the  factors  of  /2.  So  f2  will  pass  Step  2  since  it 
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evenly  divides  c{x),  but  it  will  not  pass  Step  4.  Both  factors  of  f2  are  themselves  primitive 
polynomials  with  period  23  —  1  =  7.  The  period  of  f2  is  therefore  the  period  of  the  least 
common  multiple  of  the  periods  of  its  factors.  So  the  period  of  f2  is  seven.  Step  3  shows 
the  factors  of  26  —  1  =  63  =  32  ■  7.  When  we  divide  x3'1  +  1  =  x 21  +  1  by  f2,  the  remainder 
will  be  zero  and  we  reject  this  polynomial  as  primitive. 

F.  LINEAR-FEEDBACK  SHIFT  REGISTERS 

A  Linear-Feedback  Shift  Register,  or  LFSR,  is  an  electronic  hardware  or  software 
representation  of  a  polynomial  over  GF( 2).  A  LFSR  is  a  finite-state  machine  whose  suc¬ 
cessive  states  are  uniquely  determined  by  the  previous  state  of  the  register.  We  denote  a 
state  by  sl  and  define  a  function  7 (s;)  to  be  the  operation  performed  by  the  register  where 
j_i  =  7 (si)  [1].  Each  successive  state  corresponds  to  a  time-step  of  the  register  where  the 
output  of  the  register  at  each  time-step  is  a  single  bit.  A  LFSR  is  equivalent  to  a  polynomial 
over  GF( 2)  such  that  7(sj)  =  J2k=o  a^xk  =  f(x)  where  the  cq’s  are  the  coefficients  of  the 
terms  with  degree  less  than  n  of  the  polynomial  f(x).  If  a  primitive  polynomial  is  used 
to  represent  the  operation  of  the  register,  then  the  resulting  sequence  of  outputs  is  an  re¬ 
sequence  of  full  length  or  period.  As  expected,  a  full-length  m-sequence  has  period  2n  —  1 
where  n  is  the  degree  of  the  primitive  polynomial  represented  by  the  register. 


Figure  3.  Fibonacci  LFSR  for  f(x)  =  x7  +  x3  +  x2  +  x  +  1 


<-|  x6  X5  x4 1<— |  x3 1<- 

X2  <r 

x  «■ 

1 

L© 


Figure  4.  Galois  LFSR  for  f(x)  =  x7  +  x3  +  x2  +  x  +  1 
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There  are  essentially  two  classical  types  of  LFSRs,  the  Fibonacci  register  and  the 
Galois  register.  The  Galois  register  is  useful  for  generating  the  successive  powers  of  the 
primitive  element  a  and  the  state  of  the  machine  at  time  i  gives  the  field  representation 
of  a1.  Table  II. 3  is  the  actual  output  of  the  Galois  register  represented  by  the  primitive 
polynomial  f(x)  =  x3  +  x  +  1.  While  the  bit-stream  output  from  both  registers  is  identical 
at  certain  offsets,  the  Fibonacci  register  is  computationally  more  efficient  at  producing 
the  m-sequence  without  regard  to  the  field  representation  of  f(x).  Figure  3  and  Figure 
4  demonstrate  the  operation  of  the  two  registers  given  the  primitive  polynomial  f(x)  = 
X7  +  X3  +  x2  +  X  +  1. 

For  the  primitive  polynomial  f(x)  =  x3 + x  + 1 .  the  m-sequence  output  is  [  0  0  1 

0  1  1  1  ] .  If  we  take  a  linear  shift  of  the  m-sequence  by  some  number  of  bits  i  and  sum 

the  bits  of  the  shifted  sequence  to  the  original  sequence  modulo  two,  the  result  is  the  same 
sequence  shifted  by  a  number  of  bits  j.  First,  a  labeling  of  the  m-sequence  is  necessary  to 
determine  the  magnitude  of  the  shift.  We  label  each  sequence  in  the  following  fashion, 

0  0  10  111 

Q  Q  Q  Q  Q  Q  Q 

Do  Di  02  O3  O4  O5  06 

We  next  take  the  original  sequence  with  a  shift  of  one,  and  add  each  bit  modulo  two  as 

follows. 


0  0  10  111  s0  s1  s2  s3  s4  s5  s6 

0  10  1110  S\  S2  S:i  S4  S5  S6  S0 

0  1  1  10  0  1  S3  S4  S5  S6  So  Si  s2 

The  resulting  sequence  is  a  shift  of  the  original  sequence  by  3  positions. 

Shift- and- Add  (SAA)  pairs  [4],  also  referred  to  as  Cycle-and-Add  pairs  [1],  are  only 
defined  for  primitive  polynomials  and  therefore  allow  for  a  method  for  performing  addition 
within  a  respective  field  as  characterized  by  a  primitive  polynomial  f(x).  In  particular, 
SAA  pairs  describe  two  elements  of  the  field  whose  sum,  taken  modulo  two,  differs  only 
by  x°  =  1.  Observe  from  Table  II. 3  that  x2  +  x6  =  1.  So  x2  and  x6  are  also  SAA 
pairs  and  we  denote  this  relationship  by  writing  the  exponents  as  an  ordered  pair.  Thus 
(1,  3),  (2, 6),  and  (4,  5)  are  examples  of  SAA  pairs  as  seen  in  Table  II. 3.  In  the  example  of 
f(x)  =  x3  +  x  +  1,  we  notice  that  f(x')  is  a  trinomial.  Primitive  trinomials  are  desirable 
in  that  they  give  an  immediate  SAA  pair  for  the  field.  By  setting  a  primitive  trinomial  f(x') 
equal  to  zero,  we  get  the  first  SAA  pair  by 
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x3  +  x  +  1  =  0 

x3  =  x  +  1. 

Squaring  both  sides  of  the  equation  gives  x6  =  (x  +  l)2.  By  the  Binomial  Theorem, 
(x  +  l)2  =  x2  +  2x  +  1.  Reducing  the  coefficients  modulo  two,  (x  +  l)2  =  x2  +  1  and 
thus  x6  =  x2  +  1.  Squaring  once  more  gives  x12  =  x5  =  ( x 2  +  l)2  =  x4  +  1.  Thus, 
from  one  SAA  pair  we  can  generate  a  table  that  defines  addition  within  the  field.  If  we 
wanted  to  know  the  sum,  a:3  +  x4,  as  a  power  of  the  primitive  element,  we  simply  perform 
the  following  reduction 


x3  +  x4  =  x3{x  +  1) 

=  x3x3  =  a;3"1"3 
=  x6  =  X2  +  1. 

Thus  the  SAA  or  Zech’s  Logarithm  table,  provides  a  convenient  method  of  per¬ 
forming  addition  within  GF  (2"  )  without  computing  the  entire  multiplication  and  addition 
tables  for  /( x).  Note  that  as  the  degree  of  the  polynomial  increases,  the  size  of  the  field 
grows  exponentially.  However,  the  “squaring  method”  of  finding  SAA  pairs  only  provides 
a  linear  growth  in  the  number  of  SAA  pairs  immediately  obtainable.  Some  work  is  required 
to  compute  the  rest  of  the  SAA  table,  but  efficient  algorithms  provide  a  method  of  complet¬ 
ing  this  table.  Since  every  primitive  polynomial  divides  the  polynomial  representations  of 
each  of  its  SAA  pairs,  we  can  search  for  the  next  SAA  pair  not  in  our  table  by  computing 
GF  +  r  —  xK  The  singleton  remainder  term  x3  gives  the  SAA  pair 

Consider  the  polynomial  f(x)  =  x7  +  a;3  +  x2  +  x  +  1  =  x7  +  (x  +  l)3,  we  know 
from  Chapter  1  that  the  first  SAA  pair  for  this  polynomial  is  (1,87).  Recall  that  this  SAA 
pair  corresponds  to  the  trinomial  x87  +  x  +  1.  Squaring  the  trinomial  gives  x 1 74  +  x1  +  1. 
Reducing  the  exponents  modulo  127  gives  the  trinomial  x47  +  x2  +  1,  resulting  in  the  SAA 
pair  (2,47).  So  we  get  the  first  seven  SAA  pairs  by  taking  (2fc  x  1,  2k  x  87)  (mod  127) 
where  0  <  k  <  n  —  1.  The  first  seven  SAA  pairs  for  f(x)  are  (1,87),  (2,47),  (4,94), 
(8,  61),  (16, 122),  (32, 117),  and(64, 107).  We  get  seven  more  SAA  pairs  by  multiplying 
the  original  trinomial  x87  +  x  +  1  by  x  ',  and  performing  the  squaring  operation  again 
by  taking  ( 2k  x  (—1),  2k  x  (87  —  1))  (mod  127).  The  resulting  SAA  pairs  are  (126,  86), 
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(125,45),  (123,90),  (119,53),  (111,106),  (95,  85),  and(63, 43).  Again,  we  get  seven  more 
by  multiplying  by  x~S7  and  taking  ( 2k  x  (—87),  2k  x  (1  —  87))  (mod  127).  This  time,  the 
resulting  SAA  pairs  are  (40,41),  (80,82),  (33,37),  (66,74),  (5,21),  (10,42),  and(20,  84). 

The  first  63  SAA  pairs  were  relatively  straightforward  to  find,  but  there  are  still 
63  more  to  be  found.  The  first  integer  that  is  not  in  a  SAA  pair  is  3.  To  find  the  j  that 
satisfies  xj  +  x3  +  1,  we  multiply  a;3  +  1  by  a:127.  We  begin  reducing  a;130  +  x12‘  by  adding 
multiples  of  f(x)  modulo  two.  Clearly  a;2"-1  =  1  (mod  {f(x),  2)),  for  any  primitive 
polynomial  f(x)  with  degree  n,  so  dividing  by  f(x)  will  simply  return  what  we  began 
with.  But  while  performing  the  polynomial  division,  there  is  a  polynomial  multiple  of  f(x) 
that  when  added  to  a;130  +  x127,  leaves  a  single  remainder  term.  This  singleton  remainder 
results  in  the  desired  j  that  we  were  looking  for.  In  this  case  the  SAA  pair  is  thus  (3,57). 
We  can  perform  the  squaring  and  multiplying  procedure  to  find  the  next  21  SAA  pairs. 
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III. 


PASCAL  POLYNOMIALS 


We  continue  by  considering  polynomials  of  the  form  f(x)  =  xn  +p(x),  where  p(x) 
is  a  row  of  Pascal’s  triangle  modulo  two.  We  define  polynomials  of  this  form  as  Pascal 
polynomials .  Since  each  row  of  Pascal’s  triangle  can  be  viewed  as  the  coefficients  in  the 
expansion  of  {x  +  l)k,  any  polynomial  that  can  be  represented  in  the  form  of  a  row  of 
Pascal’s  triangle  plus  an  additional  monomial  term  resembles  a  trinomial.  It  would  be  very 
nice  to  find  a  primitive  polynomial  of  this  form  because  we  could  then  find  an  easy  solution 
for  the  first  SAA  pair. 

Why  do  we  care  if  p(x)  is  a  row  of  Pascal’s  triangle?  The  most  obvious  reason,  as 
stated  above,  is  that  a  Pascal  polynomial  of  the  form  f(x)  =  xn  +  (x  +  l)fc  is  similar  to  a 
trinomial  of  the  form  g(x)  =  xn  +  xk  + 1.  The  not  so  obvious  reason  to  choose  polynomials 

of  this  form  is  that  when  f(x)  =  xn  +  (x  +  l)k,  f(x)  has  no  linear  factors.  This  allows 

us  to  exclude  Step  3  in  O’Connor’s  test  for  irreducibility/primitivity.  Any  row  of  Pascal’s 
triangle  modulo  two  has  an  even  number  of  nonzero  terms,  with  the  outermost  terms  always 
being  1.  Thus  adding  the  additional  xn  term  yields  a  polynomial  with  an  odd  number  of 
terms,  and  f(x)  has  no  solutions  in  the  ground  field  GF( 2). 

Theorem  III.l:  Any  polynomial  of  the  form  f(x)  =  xn  +  (x  +  l)/:'  has  no  linear 
factors  over  GF{2),  where  n  >  0  and  k  >  0. 

Proof  Evaluating  f(x)  over  the  ground  field,  we  see  that 

/( 0)  =  0n  +  (0  +  l)fc  =  0  +  (l)fc  =  1  (mod  2),  and 

/( 1)  =  ln  +  (1  +  l)k  =  1  +  (2)k  =  1  (mod  2). 

So  f{x)  has  no  linear  factors,  which  completes  the  proof.  □ 

Since  we  have  just  shown  that  polynomials  of  the  form  f{x)  =  xn  +  (x  +  l)k  have 
no  linear  factors  over  the  ground  field,  we  can  exclude  this  step  in  our  test  for  irreducibil- 
ity.  This  thesis  investigates  some  specific  cases  of  the  generalized  class  of  polynomials 
over  GF{ 2)  of  the  form  f(x)  =  xn  +  (xa  +  l)fc.  For  now  we  set  a  =  1,  giving  poly¬ 
nomials  of  the  form  f(x)  =  xn  -\-  (x  +  1  j k .  Recall  that  the  fewer  terms  in  a  primitive 
polynomial,  the  fewer  addition  operations,  and  the  faster  we  can  implement  the  algorithm 
in  hardware/software.  So  a  polynomial  with  fewer  terms  is  presumably  more  computation¬ 
ally  efficient  when  wired  up  as  an  LFSR,  thus  trinomials  are  preferred  over  pentanomials 
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which  are  preferred  over  heptanomials,  etc...  It  would  be  nice  to  know  which  rows  of  Pas¬ 
cal’s  triangle  will  yield  four  terms,  six  terms,  eight  terms,  etc...  Consider  the  following 
theorem. 

Theorem  III.2:  The  number  of  odd  terms  in  row  k  of  Pascal’s  triangle  is  2wU/:'), 
where  wt  (k)  is  the  Hamming  weight  ofk  and  represents  the  number  of  one’s  in  the  binary 
expansion  ofk. 

Proof  Let  fix)  =  {x  +  l)fc  =  Y7!l=o  (f)xl  be  the  polynomial  representation  of  the  kth  row 
in  Pascal’s  triangle  modulo  two.  Further,  if  the  Hamming  weight  of  k  is  wt  ( k )  =  w,  we 
can  write  the  binary  representation  of  k  as  k  =  Y77=  o  where  k\  <  k2  <  ■  ■  ■  <  kw. 
Then, 


(x  +  l)^i=o2!  =  J|(x+  l)2’ 

i= 0 

W 

= n  <*2‘ + !> 

i= 0 

by  Theorem  II. 2.  It  is  straightforward  to  show  that  any  polynomial  with  n  terms  will  have 
twice  as  many  terms  when  multiplied  by  the  binomial  ( xa  +  1),  such  that  a  does  not  equal 
any  exponent  in  the  original  polynomial.  Since  our  last  equation  has  w  binomial  products, 
there  are  2W  number  of  terms  in  the  expanded  product.  The  resulting  expanded  polynomial 
must  match  the  number  of  terms  in  the  binomial  expansion.  So  there  must  be  2W  number 
of  binomial  coefficients  (*?) ,  which  are  odd.  This  completes  the  proof.  □ 

We  now  know  that  if  k  is  a  power  of  two,  then  by  Theorem  II. 2,  the  polynomial 
f(x)  =  xn  +  (x  +  l)k  =  xn  +  xk  +  1.  A  great  deal  is  known  about  trinomials  over 
GF( 2),  thanks  to  the  celebrated  Swan’s  Theorem  [5],  so  we  focus  the  scope  of  this  thesis 
to  polynomials  with  more  than  three  terms,  namely  k  f  2l .  But  Theorem  III. 2  shows  that 
our  Pascal  polynomial  yields  a  pentanomial  if  and  only  if  the  Hamming  weight  is  two. 

Corollary  III.3:  The  polynomial  f(x)  =  xn  +  (x  +  T)k,  with  n  >  k,  is  a  pen¬ 
tanomial  if  and  only  if  the  Hamming  weight  ofk  is  2. 

Proof  Consider  k  =  2s  +  2t,  where  t  >  s.  Then, 

xn  +  (x  +  l)2*+2^  =  xn  +  (x  +  l)2t(a:  +  l)2* 

=  xn  +  Xk  +  X 2t  +  X2S  +  1 

The  reciprocal  is  trivial  as  the  number  of  terms  in  (x  +  l)fc  is  2wt(fc)  =  22  =  4,  by  Theorem 
III. 2.  This  completes  the  proof.  □ 
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Thus,  we  should  focus  our  attention  on  rows  of  Pascal’s  triangle  that  have  a  Ham¬ 
ming  weight  of  two  or  more.  Since  three  is  the  smallest  number  with  Hamming  weight 
two,  let  us  begin  our  examination  with  row  three  Pascal  polynomials. 

A.  ROW  THREE  POLYNOMIALS 

We  want  to  know  when  the  pentanomial  f(x)  =  xn  +  x3  +  x2  +  x  +  1  is  primitive 
for  n  >  3.  In  order  to  solve  for  a  SAA  pair,  we  note  that  if  xn  +  (x  +  l)3  =  0,  then 
xn  =  (x  +  l)3.  Note  that  a  polynomial  has  the  SAA  property  if  and  only  if  it  is  primitive. 
But  having  a  SAA  solution  (i.e.  x  +  1  =  a;"7'3)  is  not  a  sufficient  condition  for  primitivity. 
So  when  3| n,  f(x)  has  a  SAA  solution.  But  we  show  now  that  f(x)  of  degree  n  =  3 n  is 
reducible  with  the  factor  g(x)  =  x2  +  x  +  1,  therefore  f(x)  is  imprimitive  and  does  not 
have  the  SAA  property  even  though  it  has  a  SAA  solution. 

Theorem  III.4:  Any  polynomial  of  the  form  f(x)  =  a;3”  +  x3  +  x2  +  x  +  1  is 
reducible  over  GF( 2). 

Proof  (Induction).  Let  g(x)  =  x2  +  x  +  1.  Clearly  g(x)  \  (x2  +  x  +  1),  so  it  is  sufficient  to 
show  that  g(x)\(x3n  +  x3).  Reducing  the  monomial  term  x3n  modulo  g{x)  modulo  2,  we 
have 

x3n  +  x3n~2(x2  +  X  +  1)  +  x3n~3(x2  +  X  +  1)  = 
x3h  +  x3h  +  a;3*"1  +  x3h~2  +  x3fl~l  +  a;3*"2  +  x3h~3  = 

x3h~3  =  a:3(A_1)  (mod  2). 

We  can  continue  this  reduction  until  x3n  =  x3  (mod  ( g{x ),  2)).  Therefore  g{x)  \  ( x3n  +  x3) 
and  it  follows  that  g{x)  \f  (x),  which  completes  the  proof.  □ 

We  next  consider  polynomials  of  an  even  degree  where  n  =  2 ft.  It  is  clear  that 
3  \  2 h  unless  3|  n.  If  f(x)  is  a  primitive  polynomial,  then  the  root  a  is  a  cyclic  generator  of 
the  multiplicative  group  with  period  2n  —  1  such  that  a2"-1  =  a0  =  1.  Therefore,  we  can 
multiply  the  equation,  any  number  of  times,  by  a2"-1  giving 

(x  +  l)3  =  x2fl 

=  x2hxt{22ii~1) 

_  x2n+t(22ft-l) 
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Now  the  exponent  looks  more  complicated  and  we  must  determine  its  divisibility  by  three. 
Before  investigating  this  case,  we  prove  a  useful  lemma. 

Lemma  III.5:  If  ‘a  ’  is  an  even  nonnegative  integer,  then  3  divides  2a  —  1.  Otherwise 
if  ‘a  ’  is  odd,  then  3  divides  2a  +  1. 

Proof  Since  2  =  — 1  (mod  3),  then  2“  —  1  =  (— l)a  —  1  =  0  if  a  is  even.  Otherwise 
2a  +  1  =  (— l)a  +  1  =  0  if  a  is  odd,  which  completes  the  proof.  □ 

So  when  the  degree  of  f(x)  is  even,  we  now  provide  a  proof  that  the  exponent 
2 h  +  t(22n  —  1)  is  not  divisible  by  three.  Thus  row  three  polynomials  of  even  degree  can 
never  have  the  SAA  Property  and  are  therefore  imprimitive. 

Lemma  III. 6:  For  any  nonnegative  integers  n  and  t  where  n  =  2 n  and  3  {  n,  then 
it  is  the  case  that  3  f  2 h  +  t (22n  —  1). 

Proof  Lemma  III. 5  shows  3  |  (22n  —  1)  so  3  |  t{ 22n  —  1)  for  any  choice  of  t  e  Z.  Thus 
when  n  =  2 n  and  3  \  n,  three  cannot  divide  2 n  +  t(22n  —  1)  which  completes  the  proof.  □ 

So  the  degree  of  a  row  three  polynomial  cannot  be  even  or  a  multiple  of  three  and  be 
primitive.  By  applying  a  sieve  to  the  integers  and  removing  those  not  of  the  form  n  =  2 n 
or  n  =  3h,  we  observe  that  the  remaining  integers  have  the  form  n  =  6h  ±  1  for  all  h  e  Z. 


X 

2 

2 

4 

5 

0 

7 

% 

4 

0 

11 

0 

13 

0 

0 

17 

0 

19 

0 

X 

0 

23 

0 

25 

0 

0 

0 

29 

0 

Table  III.  1  Integers  of  the  form  6Z  ±  1 

We  now  prove  that  if  f(x)  is  a  row-three  polynomial  with  degree  n  —  6h  ±  1,  then 
f(x)  has  a  SAA  solution  and  can  be  further  tested  for  the  SAA  Property  (i.e.  primitivity) 
using  the  method  described  in  Chapter  II. 


22 


Theorem  III.7:  When  n  =  6 n  ±  1,  three  divides  6n  ±  1  +  t(26n±1  —  1 )  for  some 

te{  1,2}. 

Proof  1  (Induction).  Clearly  3  |  6 n,  so  when  n  —  6n  —  1  and  t  —  1  we  have 

(26"-1  -  1)  -  1  =  (2m~l  -  2) 

=  2(2m~2  -  1) 

=  2(22(3A"1)  -  1). 

By  Lemma  III.5  three  divides  (22(3n_T  —  1),  so  three  also  divides  (6 n  +  26n  1  —  2). 

Proof  2  (Induction).  Again  3  |  6 n,  so  when  n  —  6ft  +  1  and  t  —  2  we  have 

2(26"+1  -  1)  +  1  =  (2te+2  -  1) 

_  ^22(3n+l)  _  -g 

By  Lemma  III.5  three  divides  (22(3n+1)  —  1),  so  three  also  divides  (6 n  +  26n+2  —  1).  Thus 
for  any  choice  of  t  €  (1, 2},  three  always  divides  6n  ±  1  +  t( 26n±1  —  1),  which  completes 
the  proof.  □ 

Combining  the  first  and  second  class  of  row  three  polynomials,  we  obtain  a  gen¬ 
eralized  class  of  row  three  polynomials  of  the  form  f(x)  =  ./>n±  1  +  (x  +  l)k  which,  if 
irreducible,  potentially  have  an  associated  primitive  element.  Before  we  begin  searching 
for  primitive  polynomials  of  this  type,  recall  from  the  beginning  of  the  chapter  that  the 
generalized  Pascal  polynomial  has  the  form  f(x)  =  xn  +  ( xa  +  l)k.  Note  that  our  solu¬ 
tions  for  the  SAA  pair  of  row  three  polynomials  is  independent  of  the  value  of  a.  We  use 
this  concept  to  find  multiple  pentanomials  for  a  specific  value  of  n  which  we  can  also  test 
for  primitivity.  Thus,  we  consider  the  most  generalized  row  three  polynomials  of  the  form 
fix)  =  x6n±1  +  ( xa  +  l)fc  where  n  —  6h  ±  1  >  3a. 

As  an  example,  consider  a  row  three  polynomial  of  degree  seven,  where  the  expo¬ 
nent  a  is  equal  to  one.  This  polynomial  expands  to  the  pentanomial  f(x)  =  x7  +  x3  +  x2  + 
x  +  1.  We  could  also  allow  the  exponent  a  to  equal  two  and  the  resulting  polynomial  is 
f(x)  =  x7  +  x6  +  x4  +  x2  +  1,  which  is  still  a  pentanomial  of  degree  7.  So  for  polynomials 
of  degree  seven,  there  are  two  pentanomials  to  test  for  primitivity.  Both  of  these  are  in  fact 
primitive.  Generalizing  this  concept,  as  long  as  n  >  3a,  there  are  j  pentanomials 
which  may  be  primitive. 
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B.  ROW  FIVE  POLYNOMIALS 

The  next  class  of  polynomials  we  investigate  are  row  five  polynomials  of  the  form 
f(x)  =  xn  +  (x  +  l)5.  Note  that  five  is  one  greater  than  a  power  of  two,  so  the  full 
expansion  yields  a  pentanomial  of  the  form  f(x)  =  xn  +  x5  +  x4  +  x  +  1.  Again  we 
examine  characteristics  of  the  degree  of  the  polynomial.  If  the  degree  is  a  multiple  of  five, 
then  f(x)  is  reducible. 

Theorem  III. 8:  Given  a  polynomial  f(x)  =  x5n  +  (x  + 1)5  over  GF( 2)  and  n  >  1, 
f(x)  is  reducible  with  the  factor  g(x)  =  xn  +  x  +  1. 

Proof  (Construction). 

x5n  +  (x  +  l)5  =  xn(x4n  +  (x  +  l)4)  +  xn(x  +  l)4  +  (x  +  l)5 
=  xn(xn  +  (x  +  l))4  +  (a;  +  l)4(a;n  +  (x  +  1)) 

=  ( xn  +  x  +  l)(xn(xn  +  x  +  l)3  +  (x  +  l)4)  (mod  2), 

which  completes  the  proof.  □ 

Next,  we  consider  the  case  where  the  degree  of  f(x )  is  a  multiple  of  four.  It  follows 
from  Fermat’s  Little  Theorem  that  when  the  degree  of  the  monomial  term  is  divisible  by 
four  but  not  by  five,  then  the  cyclic  element  with  exponent  24n  —  1  is  divisible  by  five. 

Lemma  III.  9:  Given  an  integer  n  =  4  n  relatively  prime  to  five,  24n  —  1  is  divisible 

by  five. 

Proof.  By  Fermat’s  Little  Theorem, 

(25-1)  =  (24)  =  1  (mod  5) 

(24f  =  1  (mod  5) 

(24"')  -1  =  0  (mod  5), 

which  completes  the  proof.  □ 

So  a  row  five  polynomial  is  never  primitive  if  its  degree  is  a  multiple  of  four  or 
five.  Unfortunately  we  are  not  able  to  say  more  about  when  these  polynomials  are  in  fact 
primitive.  Some  of  these  issues  are  addressed  in  Chapter  IV. 
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c. 


GENERALIZED  RESULTS 


Following  the  method  described  in  the  preceding  sections,  there  are  two  main  re¬ 
sults  that  can  be  generalized  as  follows.  The  degree  of  a  polynomial  cannot  be  a  multiple 
of  the  row  value  k  and  the  degree  cannot  be  a  multiple  of  4>(k),  where  0  is  Euler’s  Totient 
function  as  defined  in  Chapter  2.  In  the  first  case  the  polynomial  is  reducible  while  the 
second  case  shows  imprimitivity  since  f(x)  has  no  SAA  solution.  We  present  these  results 
in  a  consolidated  theorem  now. 


Theorem  III.10:  Given  a  polynomial  of  the  form  f(x)  =  xN  +  (xA  +  1)A  over 
GF(2),  where  N  >  KA  and  K  is  odd,  if 

(i)  N  =  AT  for  any  integer  T  >  A,  then  f(x)  is  reducible  with  factor  g(x)  =  xT  + 
x  +  1. 

(li)  N  =  0{K)T  for  any  integer  T  not  a  multiple  of  K,  then  f(x)  is  imprimitive. 

Proof  (i).  Represent  K  in  its  binary  expansion  K  =  2m  +  am_i2m_1  +  •  •  •  +  ai2  +  1.  By 
a  telescoping  algorithm,  begin  with  K  =  2m  +  R  so  that 

XKT  +  +  X)K  X(2m+R)T  +  {xA  +  1)(2  ™+fl) 

=  xRT(x2rnT  +  (xA  +  l)2m)  +  xRT(xA  +  l)2m 
+  (xA  +  l)2m(xA  +  l)R 

=  xRT(xT  +  xA  +  l)2m  +  (xA  +  l)2m(xRT  +  (xA  +  1)R). 

Repeat  this  process  on  the  {xRT  +  (xA  +  1 ) fi )  term  for  each  nonzero  a*  coefficient  until 
Kj  =  2J  +  1. 


Proof  (ii).  Assume  f(x)  is  a  primitive  polynomial  of  degree  N  =  o(K)T.  where  T  is 
not  a  multiple  of  K,  over  GF{ 2)  with  root  a.  Then  f(a)  =  aN  +  ( aA  +  1)A  =  0,  and 
( aA  +  1)A  =  aN aL^2'  Since  K  does  not  divide  N,  it  is  sufficient  to  show  that  if 
K  divides  L(2N  —  1),  then  f(x)  has  no  SAA  solution  and  is  never  primitive.  The  result 
follows  directly  from  Euler’s  Theorem.  Since  K  is  odd,  K  is  relatively  prime  to  2.  Thus, 


2^k)  =  1  (mod  K) 
2n  =  2^k)t  =  (2^k))t  =  1  (mod  K) 
2 *(k)t  _  i  =  o  (mod  K) 

and  K  divides  (2N  —  1),  which  completes  the  proof. 


□ 
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IV. 


RESULTS  AND  FUTURE  WORK 


We  have  shown  that  primitive  polynomials  of  the  form  f(x)  =  xn  +  p(x),  where 
p(x)  is  a  certain  row  of  Pascal’s  triangle  modulo  2,  have  restrictions  on  the  value  of  n  for 
a  given  kth  row.  Although  this  thesis  presents  conditions  under  which  a  polynomial  cannot 
be  primitive,  we  have  not  stated  anything  conclusive  about  when  a  polynomial  definitely  is 
primitive.  The  data  presented  in  Appendices  C  -  F,  demonstrates  that  the  actual  number  of 
primitive  polynomials  to  the  outside  solutions  (n  >  a  ■  k )  is  not  nearly  as  dense  as  we  had 
hoped.  In  fact ,  for  a  fixed  row  k  of  Pascal’s  triangle,  the  number  of  primitive  polynomials 
as  n  increases  becomes  very  sparse.  Perhaps  as  n  grows,  so  too  must  the  row  of  the  triangle 
which  we  evaluate. 

Although  we  did  not  discuss  “inside”  solutions  in  Chapter  3,  such  a  polynomial 
occurs  when  the  degree  of  the  monomial  term  is  inside  the  expanded  binomial  terms  such 
that  n  <  a  ■  k  and  the  degree  is  therefore  a  ■  k  (by  our  notation  for  the  general  form  of  a 
Pascal  polynomial).  For  example,  the  polynomial 

fP(x)  =  (x  +  l)9  +  x4 

=  x9  +  x8  +  X4  +  X  +  1 

is  an  inside  polynomial  and  is  in  fact  primitive.  We  performed  a  comparison  of  these 
polynomials  to  trinomials  of  equal  degrees,  with  interesting  results  (Appendices  G  -  H). 
The  results  indicate  that  any  primitive  Pascal  polynomial  has  an  identical,  corresponding 
primitive  trinomial.  For  example,  if  the  polynomial  f(x)  =  (x  +  l)fc  +  x"  is  primitive,  then 
the  trinomial  t(x)  =  xk  +  xn  +  1  is  also  primitive.  So  given  our  example  of  fp  above,  the 
trinomial  ft(x)  =  x9  +  x4  +  1  should  also  be  primitive,  which  it  is. 

Our  experimental  result  is  indicative  of  the  theoretical  results  obtained  by  Zeng  , 
Han,  and  He  in  their  currently  unpublished  paper,  The  parity  of  the  number  of  irreducible 
factors  of  xl~ef(xf  +  l)e  +  1  over  F2  [11].  In  this  paper,  the  authors  present  a  generaliza¬ 
tion  of  Swan’s  theorem  for  our  Pascal  polynomials  similar  to  those  made  in  the  paper  by 
Fredricksen,  Hales,  and  Sweet  [6]  for  trinomials.  It  is  not  immediately  apparent  that  the 
polynomials  of  the  form  xl~e^(x^  +  l)e  + 1  are  equivalent  to  our  polynomials  with  the  form 
xn  +  (xa  +  l)fc,  but  they  are  in  fact  reciprocal  polynomials. 
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One  area  of  future  work  lies  in  further  analysis  of  the  results  regarding  those  Pascal 
polynomials  that  are  primitive.  Is  there  a  trend  that  we  can  depict,  by  graphical  or  other 
means,  which  might  lend  some  insight  into  a  method  of  predicting  when  a  Pascal  polyno¬ 
mial  will  be  primitive?  Given  the  linear  nature  of  polynomials  as  LFSRs,  stream  ciphers 
using  this  technique  are  relatively  easy  to  break  for  small  degree  polynomials.  However, 
as  the  degree  becomes  very  large,  say  n  >  200,  the  sequences  take  an  incredibly  long 
time  to  repeat.  In  fact,  a  200  degree  polynomial  with  full  period  would  take  approximately 
6.22  x  1048  years  to  recycle  with  a  data  rate  of  1  megabit/second.  If  we  could  efficiently 
find  a  large  pool  of  polynomials  with  large  degree,  we  could  utilize  portions  of  LFSRs  with 
a  reasonable  level  of  security. 
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APPENDIX  A.  PROOF  OF  PRIMITIVE  POEYNOMIAE 

AEGORITHM 


Given  a  polynomial  f(x)  of  degree  n  over  GF( 2),  such  that  n  >  2,  we  know  the 
period  of  f{x),  denoted  per is  less  than  or  equal  to  2"  —  1.  We  also  know  f(x)  is 
primitive  if  the  period  of  f(x')  =  2”  —  1.  And  we  know  that  given  two  polynomials  p(x') 
and  q(x),  the  per {p(x)q(x))  =  lcm(per(p(a;)),  per(g(x))).  Armed  with  these  facts,  we  are 
prepared  to  make  and  prove  the  following  claim. 

Theorem  A.l:  Given  a  polynomial  f(x)  of  degree  n  over  GF (2),  and  a:2’  -1  =  1 
(mod  f(x)),  and  xd  ^  1  (mod  f(x)),  for  all  d  that  are  divisors  of  2”  —  1,  then  f(x)  is 
primitive. 

Proof  (Contradiction).  If  we  know  f(x)  to  be  irreducible  of  degree  n,  we  know  per(/(x))  |2n— 
1.  So  if  we  know  that  f(x)  is  irreducible,  then  the  conditions  x2n~l  =  1  (mod  f(x))  and 
xd  ^  1  (mod  f(x))  imply  that  f(x)  is  primitive.  But  we  don’t  know  that  f(x)  is  irre¬ 
ducible. 

It  is  sufficient  to  show  that  there  exists  some  d\2n  —  1  such  that  xd  =  1  (mod  f(x)). 
Let’s  assume  that  f(x)  =  g(x)h(x),  where  0  <  deg (g(x))  —  r  <  n,  and  0  <  deg(/r(a;))  = 
s  <  n,  and  deg (f(x))  =  deg (g(x))  +  deg(/r(a;))  =  r  +  s  =  n,  and  gcd(g(a;),  h(x))  =  1, 
and  a:2"-1  =  1  (mod  f(x)).  Then  per((7(a;))  =  e\  <  2r  —  1  and  per(/i(x))  =  e2  <  2s  —  1. 

So  per  (f(x))  =  lcm(ei,  e2)  =  e,  and 

e  <  (2r  -  1)(2S  -  1)  =  2r+s  -  2r  -  2s  +  1  <  2n  -  1 

But,  since  g(x)\f(x)  and  f(x)\x2n~1  +  1,  it  is  also  the  case  that  g(x)\x2n~ 1  +  1, 
which  implies  that  ei|2n  —  1.  By  a  similar  arguement,  h(x)\f(x)  so  h{x)\x2,n~1  +  1,  which 
implies  that  e2|2n  —  1.  Now,  since  ei|2n  —  1  and  e2|2n  —  1,  we  know  that  e|2n  —  1.  But 
e  <  2”  —  1,  so  h(x)\xe  +  1  and  g(x)\xe  +  1  which  implies  that  f(x)\xe  +  1.  Therefore 
e  =  2d  —  l<2n  —  1  and  f{x)  is  imprimitive.  Thus  the  contradiction  which  completes  the 
proof.  □ 
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APPENDIX  B.  SAMPLE  MAGMA  CODE 


This  appendix  is  an  example  of  the  code  used  in  Magma,  an  algebraic  software 
package,  to  test  values  of  N  from  1  to  750  for  a  given  line  of  Pascal’s  triangle.  The  sample 
code  below  is  from  a  third  row  polynomial  and  the  code  includes  the  two  checks  discovered 
in  the  thesis  to  filter  values  of  N.  This  code  checks  for  primitivity,  but  could  also  be  used 
to  check  for  irreducibility. 

P<x>  :=  PolynomialRing (GF  (2) ) ; 

for  n  in  [1..700]  do 
t  :=  n  mod  6; 
if  t  eq  1  or  t  eq  5  then 
max  :=  Floor(n/3); 

n,  {  a:  a  in  [1 . .max]  I  IsPrimitive (f )  where  f\\ 
is  x"n  +  (x"a  +1)~3  }; 
end  if; 
end  for; 
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APPENDIX  C.  PRIMITIVE  TRINOMIALS 


This  appendix  presents  all  primitive  trinomials  of  degree  four  to  750.  The  trinomials 
have  the  form  xN  +xK  + 1.  If  there  are  multiple  values  in  the  K  cell,  then  each  choice  of  K 
for  the  corresponding  N  is  a  primitive  trinomial.  We  do  not  list  the  reciprocal  polynomials, 
so  we  only  test  values  of  K  up  to  |_^J . 


Table  C.l:  Primitive  trinomials  of  degree  4  to  750. 


N 

K 

N 

K 

N 

K 

4 

1 

249 

86 

489 

83 

5 

2 

250 

103 

490 

219 

6 

1 

252 

67 

494 

137 

7 

1,3 

255 

52,  56,  82 

495 

76,  89, 118,  226 

9 

4 

257 

12,41,48,51,65 

497 

78,  216,  228 

10 

3 

258 

83 

503 

3,  26,  248 

11 

2 

263 

93 

505 

156, 174 

15 

1,4,7 

265 

42,  127 

506 

95, 135 

17 

3,  5,6 

266 

47 

508 

109 

18 

7 

268 

25,61 

511 

10,  15,31,  160,  202,216 

20 

3 

270 

53, 133 

513 

85,  175 

21 

2 

271 

58,  70 

518 

33,45 

22 

1 

273 

23,53,  67,  88,  92,  110,  113 

519 

79 

23 

5,9 

274 

67, 99,  135 

521 

32, 48,  158,  168 

25 

3,7 

278 

5 

524 

167 

28 

3,  9, 13 

279 

5, 10,38,40,41,59,  76,  80,  125 

527 

47,  123,  147,  152,  198,  239 

29 

2 

281 

93,99 

529 

42,  114,  157 

31 

3,  6,  7,  13 

282 

35,43 

532 

1,37 

33 

13 

284 

119 

537 

94 

35 

2 

286 

69,  73 

540 

179,211 

36 

11 

287 

71,  116,  125 

543 

16, 28, 58, 203, 235 

39 

4,  8,  14 

289 

21,  36,  84 

545 

122 

41 

3,20 

292 

97 

550 

193 

47 

5,  14,  20,  21 

294 

61 

551 

135,240 

49 

9,  12,  15,22 

295 

48,  112,  123,  142,  147 

553 

39, 57,  94,  99, 109, 255,  258 

52 

3,  19,21 

297 

5,  83,  103,  122,  137 

556 

153 

55 

24 

300 

7,  73,91 

559 

34,  70,  148,  210 

57 

7,  22 

302 

41 

561 

71,  109,  155 

58 

19 

305 

102 

564 

163 

60 

1,  11 

313 

79,  121 

566 

153 

63 

1,5,31 

314 

15 

567 

143,  275 

65 

18,  32 

316 

135 

569 

77,210 

68 

9,  33 

319 

36,  52,  129 

570 

67 

71 

6,  9,  18,20,  35 

321 

31,56,  76,  82,  155 

574 

13 

73 

25,  28,31 

322 

67 

575 

146 

79 

9,  19 

327 

34,  152 

577 

25,27,  231 

81 

4,  16,  35 

329 

50,  54 

582 

85 

Continued  on  Next  Page. . . 
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APPENDIX  D.  PRIMITIVE  INSIDE  PASCAL  POLYNOMIALS 


This  appendix  presents  all  primitive  inside  Pascal  polynomials  of  degree  four  to 
750.  The  trinomials  have  the  form  ( x+l)N +xK ,  where  N  >  K.  If  there  are  multiple  values 
in  the  K  cell,  then  each  choice  of  K  for  the  corresponding  Ar  is  a  primitive  polynomial. 
We  do  not  list  the  reciprocal  polynomials,  so  we  only  test  values  of  K  up  to  |_yj  • 


Table  D.l:  Primitive  inside  Pascal  polynomials  of  degree  4 
to  750. 


N 

K 

N 

K 

N 

K 

4 

1 

249 

86 

489 

83 

5 

2 

250 

103 

490 

219 

6 

252 

494 

137 

7 

1,3 

255 

52,  56,  82 

495 

76,  89, 118,  226 

9 

4 

257 

12,41,48,51,65 

497 

78,  216,  228 

10 

3 

258 

503 

3,  26,  248 

11 

2 

263 

93 

505 

156, 174 

15 

1,4,7 

265 

42,  127 

506 

17 

3,  5,6 

266 

47 

508 

109 

18 

268 

25,61 

511 

10,  15,31,  160,  202,216 

20 

270 

513 

85, 175 

21 

271 

58,  70 

518 

33,45 

22 

1 

273 

519 

79 

23 

5,9 

274 

67,  99,  135 

521 

32, 48, 158,  168 

25 

3,7 

278 

5 

524 

167 

28 

3,  9, 13 

279 

5,  10,38,40,41,59,  76,  80,  125 

527 

47,  123,  147,  152,  198,  239 

29 

2 

281 

93,99 

529 

42,  114,  157 

31 

3,  6,  7,  13 

282 

532 

1,37 

33 

13 

284 

119 

537 

94 

35 

2 

286 

69, 73 

540 

36 

287 

71,  116,  125 

543 

16, 28, 58, 203, 235 

39 

4,  8,  14 

289 

21,  36,  84 

545 

122 

41 

3,20 

292 

97 

550 

47 

5,  14,  20,  21 

294 

551 

135,240 

49 

9,  12,  15,22 

295 

48,  112,  123,  142,  147 

553 

39, 57,  94,  99, 109, 255,  258 

52 

3,  19,21 

297 

5,  83,  103,  122,  137 

556 

153 

55 

24 

300 

559 

34,  70,  148,  210 

57 

7,  22 

302 

41 

561 

71,  109,  155 

58 

19 

305 

102 

564 

60 

313 

79,  121 

566 

153 

63 

314 

15 

567 

65 

18,  32 

316 

135 

569 

77,  210 

68 

9,  33 

319 

36,  52,  129 

570 

71 

6,  9,  18,  20,  35 

321 

31,56,  76,  82,  155 

574 

13 

73 

25,  28,31 

322 

67 

575 

146 

79 

9,  19 

327 

34,  152 

577 

25,27,  231 

Continued  on  Next  Page. . . 
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APPENDIX  E.  PRIMITIVE  ROW  THREE  PASCAL 

POLYNOMIALS 


This  appendix  presents  all  primitive  row  three  Pascal  polynomials  of  degree  four  to 
750.  The  polynomials  have  the  form  xN  +  (xA  +  l)3.  If  there  are  multiple  values  in  the  A 
cell,  then  each  choice  of  A  for  the  corresponding  N  is  a  primitive  polynomial. 


Table  E.l:  Primitive  row  three  Pascal  polynomials  of  degree 
4  to  750. 


N 

A 

N 

A 

N 

A 

5 

1 

217 

15,22,  44,  45,51 

463 

31,56,  83 

7 

1.  2 

223 

11,44,51,53,63 

479 

35,  85,  107,  119,  125 

11 

3 

233 

53 

481 

46,  67,  77 

17 

1,2,4 

239 

12,  27 

487 

120,  131 

23 

3,6 

241 

57 

497 

26,  72,  76 

25 

1,6 

247 

34,  55 

503 

1,85,  159 

29 

9 

257 

4,  16,  17,  64,  72 

505 

52,58 

31 

1,  2,  6,  8 

263 

31 

511 

5,72,  103,  117,  160,  167 

35 

11 

265 

14,  46 

521 

16,  56,  121,  163 

41 

1,  7 

271 

67,  71 

527 

41,49,  66,  96,  125,  160 

47 

7.9,  11,  14 

281 

31,33 

529 

14,  38,  124 

49 

3,  4,  5.  9 

287 

54,  57,  72 

545 

141 

55 

8 

289 

7,  12,  28 

551 

45,  80 

65 

6,  11 

295 

16,41,49,51,61 

553 

13,  19,33,85,  86,  148,  153 

71 

2,  3,  6,  12,  17 

305 

34 

559 

70,  137,  163,  175 

73 

14,  15,  16 

313 

64,  78 

569 

70,  164 

79 

3,20 

319 

12,43,  89 

575 

143 

89 

17 

329 

18,93 

577 

9,  77,  184 

95 

26,  28 

337 

19,  45,  49,  66,  94 

583 

151 

97 

2,  4,  11,21 

343 

25,  45,  46,  53 

593 

36,  59,  158,  169 

103 

3,  10,  24,  30 

353 

23,46,51,60,  70,  86 

599 

10,  70 

113 

3,  5,  10 

359 

39,97 

601 

67,  133 

119 

27,  37 

367 

7,  57 

607 

35,  49,  91 

121 

6 

377 

25, 112 

617 

139 

127 

5,  10,21,40,  42 

383 

30,  36,  45 

623 

29,  104,  109,  124,  131,  146,  165,  185 

137 

7,  19,  34 

385 

2,  8,  17,  18,53,81 

625 

52,  164 

145 

23,  31 

391 

120,  121 

631 

108 

151 

1,  3,  5,  13,  17,  21,  22,  27,  28,  35,  36,  40 

401 

77,83 

641 

12,  15,  118,  182,210 

161 

6,  1  3,  20 

407 

35,  112 

647 

50,  104,  144,214 

167 

2,  30,  36,  44 

409 

29 

649 

57,  107,  113,  192,  204 

169 

14,  19,  28,  45 

415 

34,  84 

655 

64,  189 

175 

2,6,  19,53 

425 

4,  7,  14,  22,  37,  78 

665 

11,48,64,  116,  132,  204 

185 

8,  23,  48 

431 

40,  77 

671 

5,67,  81 

191 

3,6,  17,40 

433 

11,51,  105,  124 

673 

61,84,  100,  138,215 

193 

5,  36,  40 

439 

52,  57,  98,  102,  130 

679 

22,  72 

199 

44,  55 

449 

94,  105 

689 

29,  69,  112,  170,  225 

Continued  on  Next  Page. . . 
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Table  E.  1  -  Continued 


N 

A 

N 

A 

N 

A 

209 

2,  15,  49,  53,  54,  65,  67 

455 

127,  131,  139 

695 

161 

215 

17,21,38,46,64 

457 

41,70,  77,  80,  132,  147 

697 

89,  129 

42 


APPENDIX  F.  PRIMITIVE  ROW  FIVE  PASCAL  POLYNOMIALS 


This  appendix  presents  all  primitive  row  five  Pascal  polynomials  of  degree  six  to 
750.  The  polynomials  have  the  form  xN  +  ( xA  +  l)5.  If  there  are  multiple  values  in  the  A 
cell,  then  each  choice  of  A  for  the  corresponding  N  is  a  primitive  polynomial. 


Table  F.  1 :  Primitive  row  five  Pascal  polynomials  of  degree  6 
to  750. 


N 

A 

N 

A 

N 

A 

6 

1 

258 

35 

471 

94 

9 

1 

263 

34 

474 

43 

17 

1 

271 

14 

479 

21,  51,75 

23 

1 

273 

22,  32,  37,  44,  50 

481 

50,56 

31 

5 

274 

27,  35 

487 

72 

33 

4 

278 

1 

503 

51,  100 

39 

5.7 

279 

1,2,  8,  16,  25,44 

506 

19,  27 

41 

4 

282 

7 

511 

2,  3,  32,  59,  96 

47 

1.4 

287 

25 

513 

17,35 

49 

3,8 

289 

41 

518 

9,  97 

57 

7,  10 

297 

1,32,35 

519 

88 

63 

1 

314 

3 

527 

75,  76,  96 

71 

4.  7,  13 

319 

38 

529 

83 

73 

5.9 

321 

31,49,  53,58 

543 

47,  68,  97,  103 

79 

12,  14 

322 

51 

551 

27,48 

81 

7,  13 

327 

35 

553 

51,59 

97 

17 

329 

10,55 

559 

14,  42,  105 

103 

6,  18 

337 

11,27,  38,56 

561 

31,98 

106 

3 

342 

25 

567 

55 

111 

2 

343 

15,27,41 

569 

42 

113 

3,6 

351 

11,47 

577 

5,  110 

118 

9,  17 

353 

19,  36,  40,  42,  43 

582 

17 

127 

3,  6,  24 

362 

51 

583 

26 

129 

1 

369 

22 

593 

97 

137 

7,  16 

377 

15 

594 

7,  115 

151 

3,  14,  17,  20,21,24 

378 

67 

599 

6,  42 

153 

29 

383 

18,27,55 

601 

80 

159 

8,  25 

391 

72 

607 

21,92 

161 

12 

394 

27 

617 

40 

167 

7,  18 

399 

58 

622 

65 

169 

17,  27 

401 

34 

623 

37,46,  99,  111 

177 

31 

407 

21 

634 

63 

191 

24,  28 

417 

31,62 

639 

19,61,92 

193 

3,  17,  24 

423 

5 

641 

9,  19,  121,  126 

198 

13 

431 

24,  40 

647 

1,30,  43,67 

199 

33 

433 

56,  63,  80 

649 

62 

202 

11 

438 

13 

657 

113 

209 

9,  10,  39 

439 

29,78 

658 

11 
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APPENDIX  G.  PRIMITIVE  ROW  SEVEN  PASCAL 

POLYNOMIALS 


This  appendix  presents  all  primitive  row  seven  Pascal  polynomials  of  degree  eight 
to  750.  The  polynomials  have  the  form  xN  +  (xA  +  1) 7 .  If  there  are  multiple  values  in  the 
A  cell,  then  each  choice  of  A  for  the  corresponding  Ar  is  a  primitive  polynomial. 


Table  G.  1 :  Primitive  row  seven  Pascal  polynomials  of  degree 
8  to  750. 


N 

A 

N 

A 

N 

A 

10 

1 

239 

29 

457 

30,31,33,  63 

17 

2 

241 

10 

458 

29 

22 

3 

250 

21 

460 

57 

23 

2 

257 

35 

463 

24 

25 

1 

265 

6 

478 

51 

31 

1,4 

271 

10 

479 

15,32,51 

41 

3 

274 

25 

481 

33,  40,  49 

47 

2,  3.6 

278 

39 

484 

15 

52 

3,7 

281 

26 

494 

51 

68 

5 

284 

17 

506 

53 

71 

5 

286 

31 

508 

57 

73 

4,6 

289 

3,  12 

521 

24 

79 

10 

295 

16,21 

524 

51 

94 

3 

305 

29 

527 

21,47 

95 

12 

337 

21,40 

529 

6 

97 

9,  13 

353 

30 

550 

51 

100 

9 

362 

9 

559 

10,  30,  75 

106 

13 

367 

3,28 

566 

59 

113 

14 

370 

33 

569 

11,30 

127 

1,9,  16,  18 

377 

48 

577 

33 

134 

11 

382 

43 

590 

71 

137 

3,5 

391 

4 

593 

17 

142 

3 

394 

37 

599 

30 

151 

9,  10,  12,  15,  16 

401 

33 

601 

57 

167 

5,  11,  23 

404 

27 

607 

15,21,39 

169 

6,  12,  16 

407 

15,48 

610 

69 

170 

21 

409 

46 

625 

19,  67 

172 

1 

412 

21 

634 

45 

178 

13 

415 

36 

641 

41,78,90 

185 

23 

422 

39 

647 

71 

191 

20,  26 

425 

3,  6,  59 

655 

81 

202 

21 

428 

15 

670 

39 

209 

2,  21,  29 

431 

33 

673 

4,  36,  37,  70 

212 

15 

433 

40,  45 

676 

57 

215 

9,  11 

439 

7,  19,  42 

689 

2,48,  86 

218 

21,29 

446 

15 

695 

69 
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Table  G.  1  -  Continued 


N 

A 

N 

A 

N 

A 

223 

10,  13,  27 

449 

45 

698 

69 

236 

33 

46 


APPENDIX  H.  PRIMITIVE  ROW  NINE  PASCAL  POLYNOMIALS 


This  appendix  presents  all  primitive  row  nine  Pascal  polynomials  of  degree  ten  to 
750.  The  polynomials  have  the  form  xN  +  ( xA  +  l)9.  If  there  are  multiple  values  in  the  A 
cell,  then  each  choice  of  A  for  the  corresponding  Ar  is  a  primitive  polynomial. 


Table  H.l:  Primitive  row  nine  Pascal  polynomials  of  degree 
10  to  750. 


N 

A 

N 

A 

N 

A 

11 

1 

209 

5,  18 

439 

19,  34 

23 

1.  2 

215 

7 

449 

35 

25 

2 

217 

5,  15,  17 

457 

44,  49 

29 

3 

223 

17,21 

487 

40 

31 

2 

239 

4,9 

497 

24 

47 

3 

241 

19 

503 

53 

49 

1.3 

257 

24 

511 

24,  39 

65 

2 

281 

11 

527 

22,  32 

71 

1,2,4 

287 

18,  19,  24 

545 

47 

73 

5 

289 

4 

551 

15 

79 

1 

295 

17 

553 

11,  51 

97 

7 

313 

26 

577 

3 

103 

1,8,  10 

319 

4 

593 

12 

113 

1 

329 

6,31 

623 

55 

119 

9 

337 

15,22 

631 

36 

121 

2 

343 

15 

641 

4,  5,  70 

127 

7,  14 

353 

17,  20 

647 

48 

151 

1,7,9,  12 

359 

13 

649 

19,  64,  68 

161 

2 

367 

19 

655 

63 

167 

10,  12 

383 

10,  12,  15 

665 

16,  44,  68 

169 

15 

385 

6,  27 

671 

27 

175 

2 

391 

40 

673 

28,46 

185 

16 

415 

28 

679 

24 

191 

1,  2 

425 

26 

689 

23,75 

193 

12 

433 

17,35 

697 

43 

47 
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APPENDIX  I.  PRIMITIVE  ROW  ELEVEN  PASCAL 

POLYNOMIALS 


This  appendix  presents  all  primitive  row  eleven  Pascal  polynomials  of  degree  twelve 
to  750.  The  polynomials  have  the  form  xN  +  (xA  +  l)11.  If  there  are  multiple  values  in  the 
A  cell,  then  each  choice  of  A  for  the  corresponding  N  is  a  primitive  polynomial. 


Table  1. 1 :  Primitive  row  eleven  Pascal  polynomials  of  degree 
12  to  750. 


N 

A 

N 

A 

N 

A 

15 

1 

215 

7 

447 

34 

17 

1 

217 

6,  12 

457 

21,36 

18 

1 

218 

1 

471 

32 

25 

2 

223 

3,  12 

478 

11 

35 

3 

225 

8 

479 

34 

36 

1 

236 

21 

481 

21 

47 

3 

247 

15 

518 

3,43 

49 

2 

257 

19 

519 

40 

52 

3 

273 

8,  10,  20 

521 

33,43 

57 

2 

274 

9 

527 

18 

65 

3 

279 

14,  20 

532 

45 

68 

3 

281 

9 

543 

28 

81 

7 

284 

15 

553 

9 

95 

1 

289 

23 

567 

13,25 

97 

3 

313 

11 

569 

7 

98 

1 

329 

25 

574 

51 

105 

8 

332 

19 

575 

39 

108 

7 

337 

5,  18 

577 

21,50 

118 

3 

345 

2,28 

585 

11 

123 

11 

351 

5 

588 

23 

134 

7 

353 

13 

622 

27 

135 

1.2 

359 

22 

623 

45 

142 

11 

364 

27 

633 

31 

148 

11 

369 

10 

634 

29 

151 

6,8 

383 

25 

639 

8 

161 

13 

391 

33 

641 

1,55 

167 

7,  12 

401 

21 

655 

8 

172 

15 

425 

6 

658 

5 

177 

2,8 

431 

21 

662 

27 

199 

12,  15 

433 

3 

665 

3,  36,  43 

201 

17 

436 

15 

679 

6 

202 

5 

446 

31 

49 
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